CVE-2026-23411
Severity CVSS v4.0:
Pending analysis
Type:
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
01/04/2026
Last modified:
24/04/2026
Description
In the Linux kernel, the following vulnerability has been resolved:

apparmor: fix race between freeing data and fs accessing it

AppArmor was putting the reference to i_private data on its end after
removing the original entry from the file system. However the inode
can and does live beyond that point and it is possible that some of
the fs call back functions will be invoked after the reference has
been put, which results in a race between freeing the data and
accessing it through the fs.

While the rawdata/loaddata is the most likely candidate to fail the
race, as it has the fewest references. If properly crafted it might be
possible to trigger a race for the other types stored in i_private.

Fix this by moving the put of i_private referenced data to the correct
place which is during inode eviction.
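The two orderings described above, as a user-space model added here for illustration; it is not the kernel patch or AppArmor code. The struct and function names are hypothetical, and the free is modelled with a flag so the late access can be observed safely.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Refcounted object standing in for the data reachable through i_private. */
struct payload { int refs; bool freed; };

/* Minimal inode model: i_private points at the payload for the inode's lifetime. */
struct inode_model { struct payload *i_private; };

/* Drop one reference; the "free" is a flag so a stale access can be observed
 * without undefined behaviour. */
static void payload_put(struct payload *p)
{
    if (p && --p->refs == 0)
        p->freed = true;
}

/* An fs callback reaching the data via i_private on a still-live inode.
 * Returns true when the object it would dereference has already been freed. */
static bool callback_sees_freed(const struct inode_model *ino)
{
    return ino->i_private && ino->i_private->freed;
}

/* Runs remove -> late callback -> eviction. put_at_evict selects the ordering:
 * false = put when the entry is removed, true = put during inode eviction. */
bool stale_access(bool put_at_evict, bool *freed_after_evict)
{
    struct payload data = { .refs = 1, .freed = false };  /* ref owned by i_private */
    struct inode_model ino = { .i_private = &data };

    if (!put_at_evict)
        payload_put(ino.i_private);           /* entry removed: reference dropped early */
    bool stale = callback_sees_freed(&ino);   /* inode still alive, callback fires */
    if (put_at_evict)
        payload_put(ino.i_private);           /* eviction: last user of i_private */
    ino.i_private = NULL;
    *freed_after_evict = data.freed;
    return stale;
}

int main(void)
{
    bool freed;
    printf("put at removal : stale access = %d\n", stale_access(false, &freed));
    printf("put at eviction: stale access = %d\n", stale_access(true, &freed));
    return 0;
}
```

In both orderings the object ends up freed; only the ordering with the put at eviction guarantees no callback can reach it afterwards.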
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.13.1 (including) | 5.10.253 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.203 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.169 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.130 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.12.77 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.13 (including) | 6.18.18 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.19 (including) | 6.19.8 (excluding) |
| cpe:2.3:o:linux:linux_kernel:4.13:-:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:* | | |
| cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:* | | |
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/13bc2772414d68e94e273dea013181a986948ddf
- https://git.kernel.org/stable/c/2a732ed26fbd048e7925d227af8cf9ea43fb5cc9
- https://git.kernel.org/stable/c/3ddb961d2929bbb3204a2bba21b5d8153cd3f7cc
- https://git.kernel.org/stable/c/667df93769c02ff581c77d2d8f162147e719c557
- https://git.kernel.org/stable/c/8e135b8aee5a06c52a4347a5a6d51223c6f36ba3
- https://git.kernel.org/stable/c/a92c5e5086a87d082696245a8607666da3d80554
- https://git.kernel.org/stable/c/ae10787d955fb255d381e0d5589451dd72c614b1
- https://git.kernel.org/stable/c/eecce026399917f6efa532c56bc7a3e9dd6ee68b



